2 changes: 1 addition & 1 deletion source/common/filesystem/win32/filesystem_impl.cc
Expand Up @@ -129,7 +129,7 @@ std::string InstanceImplWin32::fileReadToEnd(const std::string& path) {

// On Windows, we need to explicitly set the file mode as binary. Otherwise,
// 0x1a will be treated as EOF
std::ifstream file(path, std::ios_base::binary);
std::ifstream file(path, std::ios::binary);
if (file.fail()) {
auto last_error = ::GetLastError();
if (last_error == ERROR_FILE_NOT_FOUND) {
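--- a/source/extensions/transport_sockets/tls/ssl_socket.cc
+++ b/source/extensions/transport_sockets/tls/ssl_socket.cc
@@ -291,6 +291,15 @@ void SslSocket::shutdownSsl() {
 }
 }
 
+void SslSocket::shutdownBasic() {
+if (info_->state() != Ssl::SocketState::ShutdownSent &&
+callbacks_->connection().state() != Network::Connection::State::Closed) {
+callbacks_->ioHandle().shutdown(ENVOY_SHUT_WR);
+drainErrorQueue();
+info_->setState(Ssl::SocketState::ShutdownSent);
+}
+}
+
 void SslSocket::closeSocket(Network::ConnectionEvent) {
 // Unregister the SSL connection object from private key method providers.
 for (auto const& provider : ctx_->getPrivateKeyMethodProviders()) {
@@ -303,6 +312,10 @@ void SslSocket::closeSocket(Network::ConnectionEvent) {
 if (info_->state() == Ssl::SocketState::HandshakeInProgress ||
 info_->state() == Ssl::SocketState::HandshakeComplete) {
 shutdownSsl();
+} else {
+// We're not in a state to do the full SSL shutdown so perform a basic shutdown to flush any
+// outstanding alerts
+shutdownBasic();
 }
 }
 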
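Review bot: In `shutdownBasic()` the result of `callbacks_->ioHandle().shutdown(ENVOY_SHUT_WR)` is discarded and `info_->setState(Ssl::SocketState::ShutdownSent)` runs regardless, so a failed half-close is recorded exactly like a completed one. As far as the visible lines show, this path writes no TLS close_notify, yet it reuses the `ShutdownSent` state; the peer sees only a FIN and cannot tell an orderly close from truncation, which deserves a comment on the function, e.g. `// Half-closes the write side of the raw socket only; no close_notify is sent on this path.` I would also capture the call's result and log when it reports an error, assuming it returns a status (the declaration is not visible here). Separately, `callbacks_` is dereferenced here without the `callbacks_ != nullptr` check that `isThreadSafe()` in ssl_socket.h applies; if `closeSocket()` can run before the callbacks are set, the condition should start with `callbacks_ != nullptr &&`.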
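--- a/source/extensions/transport_sockets/tls/ssl_socket.h
+++ b/source/extensions/transport_sockets/tls/ssl_socket.h
@@ -85,6 +85,7 @@ class SslSocket : public Network::TransportSocket,
 Network::PostIoAction doHandshake();
 void drainErrorQueue();
 void shutdownSsl();
+void shutdownBasic();
 bool isThreadSafe() const {
 return callbacks_ != nullptr && callbacks_->connection().dispatcher().isThreadSafe();
 }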
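--- a/test/extensions/transport_sockets/tls/BUILD
+++ b/test/extensions/transport_sockets/tls/BUILD
@@ -24,8 +24,6 @@ envoy_cc_test(
 ],
 external_deps = ["ssl"],
 shard_count = 4,
-# TODO(wrowe): Diagnose timeout error on Windows (skipped for the moment)
-tags = ["fails_on_windows"],
 deps = [
 ":test_private_key_method_provider_test_lib",
 "//include/envoy/network:transport_socket_interface",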
6 changes: 3 additions & 3 deletions test/extensions/transport_sockets/tls/ssl_socket_test.cc
Expand Up @@ -377,15 +377,15 @@ void testUtil(const TestUtilOptions& options) {
if (!options.expectedPeerCert().empty()) {
std::string urlencoded = absl::StrReplaceAll(
options.expectedPeerCert(),
{{"\n", "%0A"}, {" ", "%20"}, {"+", "%2B"}, {"/", "%2F"}, {"=", "%3D"}});
{{"\r", ""}, {"\n", "%0A"}, {" ", "%20"}, {"+", "%2B"}, {"/", "%2F"}, {"=", "%3D"}});
// Assert twice to ensure a cached value is returned and still valid.
EXPECT_EQ(urlencoded, server_connection->ssl()->urlEncodedPemEncodedPeerCertificate());
EXPECT_EQ(urlencoded, server_connection->ssl()->urlEncodedPemEncodedPeerCertificate());
}
if (!options.expectedPeerCertChain().empty()) {
std::string cert_chain = absl::StrReplaceAll(
options.expectedPeerCertChain(),
{{"\n", "%0A"}, {" ", "%20"}, {"+", "%2B"}, {"/", "%2F"}, {"=", "%3D"}});
{{"\r", ""}, {"\n", "%0A"}, {" ", "%20"}, {"+", "%2B"}, {"/", "%2F"}, {"=", "%3D"}});
Comment thread
sunjayBhatia marked this conversation as resolved.
Outdated
// Assert twice to ensure a cached value is returned and still valid.
EXPECT_EQ(cert_chain, server_connection->ssl()->urlEncodedPemEncodedPeerCertificateChain());
EXPECT_EQ(cert_chain, server_connection->ssl()->urlEncodedPemEncodedPeerCertificateChain());
Expand Down Expand Up @@ -4840,7 +4840,7 @@ TEST_P(SslReadBufferLimitTest, SmallReadsIntoSameSlice) {

for (uint32_t i = 0; i < num_writes; i++) {
Buffer::OwnedImpl data(std::string(write_size, 'a'));
client_transport_socket_->doWrite(data, false);
client_connection_->write(data, false);
}

dispatcher_->run(Event::Dispatcher::RunType::Block);
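Review bot: The `{"\r", ""}` pair in the two `absl::StrReplaceAll` lists in `testUtil` (assuming the variant containing it is the new side; the page has lost the +/- markers) carries no comment saying why carriage returns are dropped from the expected value instead of being percent-encoded like the other characters. If the intent is to tolerate CRLF line endings in the fixture PEM files on Windows, which is my reading given the removed `fails_on_windows` tag, state it once, e.g. `// Fixture PEMs may have CRLF line endings on Windows; the re-encoded certificate uses LF only.` The same six-pair list is written out twice, so a single local constant shared by the peer-cert and cert-chain branches would keep the two expectations from drifting apart. `testUtil` starts and ends outside the hunk.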